<?php
include 'header.php';
include 'constant.php';
include 'db_cred.php';
?>
<script type=text/javascript>
/**
 * ONSUBMIT handler for the "main" profile form.
 *
 * Checks, in order: full name not empty, current password not empty,
 * phone number exactly ten digits, and the two new-password entries equal.
 * The first failing check raises an alert and returns false, which cancels
 * the submission; when every check passes nothing is returned and the
 * browser submits the form.
 *
 * This runs only in the browser, so it is a convenience for the user, not a
 * control: a request sent without this script is not checked by it, and the
 * server-side handler has to enforce the same rules itself.
 */
function validate_input()
{
  var form = document.forms["main"];

  // Show the message and hand back the value that cancels the submit.
  function reject(message)
  {
    alert (message);
    return false;
  }

  if (form["user_fullname"].value == "")
    return reject("Error : Full name must not be empty");

  if (form["user_password"].value == "")
    return reject("Error : Current Password must not be empty");

  // Exactly ten digits, nothing before or after.
  var tenDigits = /^\d{10}$/;
  if (! tenDigits.test(form["user_phone"].value))
    return reject("Error : Phone Number must contain 10 digits only");

  // Both entries empty also counts as a match (password left unchanged).
  var firstEntry = form["user_password_new"].value;
  var secondEntry = form["user_password_new_2"].value;
  if (firstEntry != secondEntry)
    return reject("Error : The two new password entries do not match");
}
</script>
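<?php
# Profile page body.
#
# For a logged-in session this (1) applies a submitted profile/password update
# and (2) renders the edit form filled from the user table.  Without a session
# user it prints the login error and a link back to the site root.
#
# Request values are untrusted: they are validated here (the browser-side
# validate_input() can be skipped), escaped before they go into SQL, and
# HTML-escaped before they are printed.
#
# NOTE(review): passwords are compared and stored as plain text in the user
# table.  Moving to password_hash()/password_verify() has to be done together
# with the login code, which is not part of this file, so it is only flagged.
# NOTE(review): the mysql_* extension used here was removed in PHP 7; prepared
# statements through mysqli or PDO are the durable fix.  Escaping is used below
# because the existing connection (presumably opened by db_cred.php) is a
# mysql_* link.
if (!isset($_SESSION['authorized_user']) || $_SESSION['authorized_user'] == '')
{
  include 'constant.php';
  print $CONST_ERR_INCORRECT_LOGIN_CRED . "<BR>\n";
  print "<A HREF=\"/\">Back</A>\n";
}
else
{
  # Time zone codes offered by the form, code => displayed offset.  The same
  # table is the allow-list for the submitted user_timezone value.
  $timezones = array(
    'GMT' => 'GMT',
    'UTC' => 'GMT',
    'ECT' => 'GMT+1:00',
    'EET' => 'GMT+2:00',
    'ART' => 'GMT+2:00',
    'EAT' => 'GMT+3:00',
    'MET' => 'GMT+3:30',
    'NET' => 'GMT+4:00',
    'PLT' => 'GMT+5:00',
    'IST' => 'GMT+5:30',
    'BST' => 'GMT+6:00',
    'VST' => 'GMT+7:00',
    'CTT' => 'GMT+8:00',
    'JST' => 'GMT+9:00',
    'ACT' => 'GMT+9:30',
    'AET' => 'GMT+10:00',
    'SST' => 'GMT+11:00',
    'NST' => 'GMT+12:00',
    'MIT' => 'GMT-11:00',
    'HST' => 'GMT-10:00',
    'AST' => 'GMT-9:00',
    'PST' => 'GMT-8:00',
    'PNT' => 'GMT-7:00',
    'MST' => 'GMT-7:00',
    'CST' => 'GMT-6:00',
    'EST' => 'GMT-5:00',
    'IET' => 'GMT-5:00',
    'PRT' => 'GMT-4:00',
    'CNT' => 'GMT-3:30',
    'AGT' => 'GMT-3:00',
    'BET' => 'GMT-3:00',
    'CAT' => 'GMT-1:00',
  );

  # Collect the submitted fields.  A missing value, or a non-string one (an
  # array from "name[]=..."), is treated as empty.  $_REQUEST is kept so that
  # any caller still sending the fields in the query string keeps working;
  # switch to $_POST once none remain.
  $input = array();
  foreach (array('user_fullname', 'user_password', 'user_password_new', 'user_password_new_2', 'user_timezone', 'user_phone') as $field)
  {
    $input[$field] = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
  }

  # updating user's info
  if ($input['user_password'] !== '')
  {
    # Same rules as the browser-side validate_input(), enforced again because
    # that script runs only on the client.
    $error = '';
    if ($input['user_fullname'] === '')
    {
      $error = 'Error : Full name must not be empty';
    }
    elseif (!preg_match('/^[0-9]{10}\z/', $input['user_phone']))
    {
      $error = 'Error : Phone Number must contain 10 digits only';
    }
    elseif (!isset($timezones[$input['user_timezone']]))
    {
      $error = 'Error : Unknown time zone';
    }
    elseif ($input['user_password_new'] !== $input['user_password_new_2'])
    {
      $error = 'Error : The two new password entries do not match';
    }

    if ($error !== '')
    {
      $_SESSION['user_update_status'] = $error;
    }
    else
    {
      # if new password supplied, then assume changing password
      $new_password = ($input['user_password_new'] !== '') ? $input['user_password_new'] : $input['user_password'];

      # Every value is escaped for the open connection.  The phone number is
      # inserted as the validated digit string rather than through %d, which
      # overflows for ten-digit numbers on 32-bit PHP builds.
      $query = sprintf("update user set user_fullname = '%s', user_password = '%s', user_timezone = '%s', user_phone = '%s' where user_name = '%s' and user_password = '%s'",
             mysql_real_escape_string($input['user_fullname']),
             mysql_real_escape_string($new_password),
             mysql_real_escape_string($input['user_timezone']),
             mysql_real_escape_string($input['user_phone']),
             mysql_real_escape_string($_SESSION['authorized_user']),
             mysql_real_escape_string($input['user_password'])
             );

      if (mysql_query($query) === false)
      {
        # Database error text goes to the server log, not to the browser.
        error_log('user update failed: ' . mysql_error());
        $_SESSION['user_update_status'] = 'Error : Update failed';
      }
      elseif (mysql_affected_rows() > 0)
      {
        $_SESSION['user_update_status'] = 'User Info Updated Successfully';
      }
      else
      {
        # No row changed: the WHERE clause did not match (wrong current
        # password), or MySQL found the row but every value was already the
        # same.  Success is no longer reported in this case.
        $_SESSION['user_update_status'] = 'Error : Nothing was updated (current password incorrect, or no values changed)';
      }
    }
  }

  # display user detail

  $query = sprintf("select user_fullname, user_phone, user_timezone from user where user_name = '%s'",
         mysql_real_escape_string($_SESSION['authorized_user']));
  $result = mysql_query($query);
  if ($result === false)
  {
    error_log('user lookup failed: ' . mysql_error());
    die('Query failed');
  }
  $row = mysql_fetch_assoc($result);
  if (!is_array($row))
  {
    # No matching row: render an empty form instead of indexing into false.
    $row = array('user_fullname' => '', 'user_phone' => '', 'user_timezone' => '');
  }

  # HTML-escape everything that comes from the session or the database.
  # Charset is left at the PHP default; pass the page encoding explicitly
  # once it is confirmed.
  $html_user_name = htmlspecialchars((string) $_SESSION['authorized_user'], ENT_QUOTES);
  $html_fullname = htmlspecialchars((string) $row['user_fullname'], ENT_QUOTES);
  $html_phone = htmlspecialchars((string) $row['user_phone'], ENT_QUOTES);
  $html_status = isset($_SESSION['user_update_status']) ? htmlspecialchars((string) $_SESSION['user_update_status'], ENT_QUOTES) : '';

  # POST keeps the passwords out of the URL (browser history, server logs).
  printf("<FORM NAME=\"main\" METHOD=\"POST\" ONSUBMIT=\"return validate_input()\">\n");
  printf("<TABLE BORDER=0 CELLPADDING=3 CELLSPACING=0>\n");
  printf("<TR><TH>%s</TH><TD WIDTH=5 /><TD>%s</TD></TR>\n","User Name",$html_user_name);
  printf("<TR><TH>%s</TH><TD WIDTH=5 /><TD><INPUT TYPE=TEXT WIDTH=30 NAME=%s VALUE=\"%s\"></TD></TR>\n","Full Name","user_fullname",$html_fullname);
  # Current password is masked like the two new-password fields.
  printf("<TR><TH>%s</TH><TD WIDTH=5 /><TD><INPUT TYPE=PASSWORD WIDTH=30 NAME=%s VALUE=\"%s\"></TD></TR>\n","Current Password","user_password","");
  printf("<TR><TH>%s</TH><TD WIDTH=5 /><TD><INPUT TYPE=TEXT WIDTH=30 NAME=%s VALUE=\"%s\"></TD></TR>\n","Phone Number","user_phone",$html_phone);
  printf("<TR><TH>%s</TH><TD WIDTH=5 /><TD><select NAME=%s WIDTH=30>\n","Time Zone","user_timezone");
  foreach ($timezones as $code => $offset)
  {
    # Preselect the stored zone; otherwise the browser submits the first
    # option and every update silently resets the time zone to GMT.
    $selected = ($code === $row['user_timezone']) ? ' SELECTED' : '';
    printf("<OPTION VALUE=\"%s\"%s>%s (%s)</OPTION>\n", $code, $selected, $code, $offset);
  }
  printf("</select></TD></TR>\n");

  printf("<TR><TD COLSPAN=3>Leave field below empty unless changing password:</TD></TR>\n");
  printf("<TR><TH>%s</TH><TD WIDTH=5 /><TD><INPUT TYPE=PASSWORD WIDTH=30 NAME=%s VALUE=\"%s\"></TD></TR>\n","New Password","user_password_new","");
  printf("<TR><TH>%s</TH><TD WIDTH=5 /><TD><INPUT TYPE=PASSWORD WIDTH=30 NAME=%s VALUE=\"%s\"></TD></TR>\n","New Password (again)","user_password_new_2","");
  printf("<TR><TD COLSPAN=3><FONT COLOR=\"RED\">%s</FONT></TD></TR>\n",$html_status);
  printf("<TR><TD COLSPAN=2><INPUT TYPE=SUBMIT VALUE=\"Update\"> <INPUT TYPE=BUTTON ONCLICK=\"location.href='/'\" VALUE=\"Go to Main Page\" /></TD></TR>\n");

  printf("</TABLE>\n");
  printf("</FORM>\n");

}
include 'footer.php';
?>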